Ring Confidential Transactions

Shen Noether, Adam Mackenzie, the Monero Research Lab


This article introduces a method of hiding transaction amounts in the strongly decentralized anonymous cryptocurrency Monero. Similar to Bitcoin, Monero is a cryptocurrency which is distributed through a proof-of-work “mining” process having no central party or trusted setup. The original Monero protocol was based on CryptoNote, which uses ring signatures and one-time keys to hide the destination and origin of transactions. Recently the technique of using a commitment scheme to hide the amount of a transaction has been discussed and implemented by Bitcoin Core developer Gregory Maxwell. In this article, a new type of ring signature, A Multilayered Linkable Spontaneous Anonymous Group signature is described which allows one to include a Pedersen Commitment in a ring signature. This construction results in a digital currency with hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation. The author would like to note that early drafts of this were publicized in the Monero Community and on the #bitcoin-wizards IRC channel. Blockchain hashed drafts are available showing that this work was started in Summer 2015, and completed in early October 2015. An eprint is also available at http://eprint.iacr.org/2015/1098. 

Full Text:

PDF Open Review


Abe, M., Ohkubo, M., Suzuki K. “1-out-of-n signatures from a variety of keys.” Advances in Cryptology?Asiacrypt 2002 415-432 (2002)

Back, A. “Bitcoins with homomorphic value (validatable but encrypted).” Bitcointalk (accessed 1 May 2015) https://bitcointalk.org/ index.php?topic=305791.0, 2013.

Back, A. “Ring signature efficiency.” Bitcointalk (accessed 1 May 2015) https://bitcointalk.org/index.php?topic=972541 msg10619684#msg10619684

Ben Sasson, E., et al. “Zerocash: Decen- tralized anonymous payments from bitcoin.” In IEEE, 2014 IEEE Symposium on Security and Privacy, 459–474 (2014).

Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.-Y. “High-speed high-security signatures.” Journal of Cryptographic Engineering 2.2 77–89 (2012).

Bissias, G., Ozisik, A. P., Levine, B. N., Liberatore. M. “Sybil-resistant mixing for bitcoin.” In ACM, Proceedings of the 13th Workshop on Privacy in the Electronic Society, 149–158 (2014)

Duffield, E. and Hagan, K. “Darkcoin: Peertopeer cryptocurrency with anonymous blockchain transactions and an improved proof of work system.” (2014)

Fromknecht, C. “One-time zero sum ring signature.” Github (2016) https://github.com/cfromknecht/ OZcoin/raw/master/whitepaper/zerosum.pdf

Fujisaki, E., Suzuki, K. “Traceable ring signature.” In Public Key Cryptography–PKC 2007. Springer 181– 200 (2007)

Liu, J.K., Wei, V. K., Wong, D. S. “Linkable spontaneous anonymous group signature for ad hoc groups.” In Information Security and Privacy. Springer 325–335 (2004)

Mackenzie, A., Noether, S., M. C. Team. “Improving obfuscation in the cryptonote protocol.” (2015) https: //lab.getmonero.org/pubs/MRL-0004.pdf

Maxwell, G. “Coinjoin: Bitcoin privacy for the real world, august 2013.” Bitcointalk (accessed 1 July 2015) https: //bitcointalk.org/index.php?topic=279249.0

Maxwell, G. “Confidential Transactions.” (accessed 1 June 2015) https://people.xiph.org/~greg/confidential_values. txt

Maxwell, G., Poelstra, A. “Borromean ring signatures.” (accessed 12 December 2016) https://github.com/Blockstream/borromean_paper/raw/master/borromean_draft_0.01_34241bb.pdf

Nakamoto, S. “Bitcoin: A peer-to-peer electronic cash system.”(2008).

Noether, S. “Mininero.” (2015) https://github.com/ShenNoether/MiniNero

Noether, S. “Ringct demo in c++.” (2016) https://github.com/ShenNoether/RingCT

Noether, S. “Ringct demo in python.” (2016) https://github.com/ShenNoether/RingCT-Python

Noether, S., Mackenzie, A., M. C. Team. “Ring multisignature.” (2016). https://shnoe.wordpress.com/2016/03/ 22/ring-multisignature/

Rivest, R. L., Shamir, A., Tauman, Y.. “How to leak a secret.” In Advances in Cryptology???ASIACRYPT 2001. Springer 552–565 (2001).

van Saberhagen, N. “Cryptonote v 2. 0.” (2013) https://cryptonote.org/whitepaper.pdf

DOI: https://doi.org/10.5195/ledger.2016.34


  • There are currently no refbacks.

Copyright (c) 2016 Shen Noether, Adam Mackenzie

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.